This source file includes following definitions.
- des1_encrypt
- des1_decrypt
- des1_setkey
- des1_zerokey
- des3_encrypt
- des3_decrypt
- des3_setkey
- des3_zerokey
- blf_encrypt
- blf_decrypt
- blf_setkey
- blf_zerokey
- null_setkey
- null_zerokey
- null_encrypt
- null_decrypt
- cast5_encrypt
- cast5_decrypt
- cast5_setkey
- cast5_zerokey
- skipjack_encrypt
- skipjack_decrypt
- skipjack_setkey
- skipjack_zerokey
- rijndael128_encrypt
- rijndael128_decrypt
- rijndael128_setkey
- rijndael128_zerokey
- aes_ctr_reinit
- aes_ctr_crypt
- aes_ctr_setkey
- aes_ctr_zerokey
- RMD160Update_int
- MD5Update_int
- SHA1Update_int
- SHA256_Update_int
- SHA384_Update_int
- SHA512_Update_int
- deflate_compress
- deflate_decompress
- lzs_dummy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39 #include <sys/param.h>
40 #include <sys/systm.h>
41 #include <sys/malloc.h>
42 #include <sys/sysctl.h>
43 #include <sys/errno.h>
44 #include <sys/time.h>
45 #include <sys/kernel.h>
46 #include <machine/cpu.h>
47
48 #include <crypto/md5.h>
49 #include <crypto/sha1.h>
50 #include <crypto/sha2.h>
51 #include <crypto/rmd160.h>
52 #include <crypto/blf.h>
53 #include <crypto/cast.h>
54 #include <crypto/skipjack.h>
55 #include <crypto/rijndael.h>
56 #include <crypto/cryptodev.h>
57 #include <crypto/xform.h>
58 #include <crypto/deflate.h>
59
60 extern void des_ecb3_encrypt(caddr_t, caddr_t, caddr_t, caddr_t, caddr_t, int);
61 extern void des_ecb_encrypt(caddr_t, caddr_t, caddr_t, int);
62
63 int des_set_key(caddr_t, caddr_t);
64 int des1_setkey(u_int8_t **, u_int8_t *, int);
65 int des3_setkey(u_int8_t **, u_int8_t *, int);
66 int blf_setkey(u_int8_t **, u_int8_t *, int);
67 int cast5_setkey(u_int8_t **, u_int8_t *, int);
68 int skipjack_setkey(u_int8_t **, u_int8_t *, int);
69 int rijndael128_setkey(u_int8_t **, u_int8_t *, int);
70 int aes_ctr_setkey(u_int8_t **, u_int8_t *, int);
71 void des1_encrypt(caddr_t, u_int8_t *);
72 void des3_encrypt(caddr_t, u_int8_t *);
73 void blf_encrypt(caddr_t, u_int8_t *);
74 void cast5_encrypt(caddr_t, u_int8_t *);
75 void skipjack_encrypt(caddr_t, u_int8_t *);
76 void rijndael128_encrypt(caddr_t, u_int8_t *);
77 void des1_decrypt(caddr_t, u_int8_t *);
78 void des3_decrypt(caddr_t, u_int8_t *);
79 void blf_decrypt(caddr_t, u_int8_t *);
80 void cast5_decrypt(caddr_t, u_int8_t *);
81 void skipjack_decrypt(caddr_t, u_int8_t *);
82 void rijndael128_decrypt(caddr_t, u_int8_t *);
83 void des1_zerokey(u_int8_t **);
84 void des3_zerokey(u_int8_t **);
85 void blf_zerokey(u_int8_t **);
86 void cast5_zerokey(u_int8_t **);
87 void skipjack_zerokey(u_int8_t **);
88 void rijndael128_zerokey(u_int8_t **);
89 void aes_ctr_zerokey(u_int8_t **);
90 void null_encrypt(caddr_t, u_int8_t *);
91 void null_zerokey(u_int8_t **);
92 int null_setkey(u_int8_t **, u_int8_t *, int);
93 void null_decrypt(caddr_t, u_int8_t *);
94
95 void aes_ctr_reinit(caddr_t, u_int8_t *);
96 void aes_ctr_crypt(caddr_t, u_int8_t *);
97
98 int MD5Update_int(void *, u_int8_t *, u_int16_t);
99 int SHA1Update_int(void *, u_int8_t *, u_int16_t);
100 int RMD160Update_int(void *, u_int8_t *, u_int16_t);
101 int SHA256_Update_int(void *, u_int8_t *, u_int16_t);
102 int SHA384_Update_int(void *, u_int8_t *, u_int16_t);
103 int SHA512_Update_int(void *, u_int8_t *, u_int16_t);
104
105 u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **);
106 u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **);
107 u_int32_t lzs_dummy(u_int8_t *, u_int32_t, u_int8_t **);
108
109
110 struct enc_xform enc_xform_des = {
111 CRYPTO_DES_CBC, "DES",
112 8, 8, 8, 8,
113 des1_encrypt,
114 des1_decrypt,
115 des1_setkey,
116 des1_zerokey,
117 NULL
118 };
119
120 struct enc_xform enc_xform_3des = {
121 CRYPTO_3DES_CBC, "3DES",
122 8, 8, 24, 24,
123 des3_encrypt,
124 des3_decrypt,
125 des3_setkey,
126 des3_zerokey,
127 NULL
128 };
129
130 struct enc_xform enc_xform_blf = {
131 CRYPTO_BLF_CBC, "Blowfish",
132 8, 8, 5, 56 ,
133 blf_encrypt,
134 blf_decrypt,
135 blf_setkey,
136 blf_zerokey,
137 NULL
138 };
139
140 struct enc_xform enc_xform_cast5 = {
141 CRYPTO_CAST_CBC, "CAST-128",
142 8, 8, 5, 16,
143 cast5_encrypt,
144 cast5_decrypt,
145 cast5_setkey,
146 cast5_zerokey,
147 NULL
148 };
149
150 struct enc_xform enc_xform_skipjack = {
151 CRYPTO_SKIPJACK_CBC, "Skipjack",
152 8, 8, 10, 10,
153 skipjack_encrypt,
154 skipjack_decrypt,
155 skipjack_setkey,
156 skipjack_zerokey,
157 NULL
158 };
159
160 struct enc_xform enc_xform_rijndael128 = {
161 CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES",
162 16, 16, 16, 32,
163 rijndael128_encrypt,
164 rijndael128_decrypt,
165 rijndael128_setkey,
166 rijndael128_zerokey,
167 NULL
168 };
169
170 struct enc_xform enc_xform_aes_ctr = {
171 CRYPTO_AES_CTR, "AES-CTR",
172 16, 8, 16+4, 32+4,
173 aes_ctr_crypt,
174 NULL,
175 aes_ctr_setkey,
176 aes_ctr_zerokey,
177 aes_ctr_reinit
178 };
179
180 struct enc_xform enc_xform_arc4 = {
181 CRYPTO_ARC4, "ARC4",
182 1, 1, 1, 32,
183 NULL,
184 NULL,
185 NULL,
186 NULL,
187 NULL
188 };
189
190 struct enc_xform enc_xform_null = {
191 CRYPTO_NULL, "NULL",
192 4, 0, 0, 256,
193 null_encrypt,
194 null_decrypt,
195 null_setkey,
196 null_zerokey,
197 NULL
198 };
199
200
201 struct auth_hash auth_hash_hmac_md5_96 = {
202 CRYPTO_MD5_HMAC, "HMAC-MD5",
203 16, 16, 12, sizeof(MD5_CTX),
204 (void (*) (void *)) MD5Init, MD5Update_int,
205 (void (*) (u_int8_t *, void *)) MD5Final
206 };
207
208 struct auth_hash auth_hash_hmac_sha1_96 = {
209 CRYPTO_SHA1_HMAC, "HMAC-SHA1",
210 20, 20, 12, sizeof(SHA1_CTX),
211 (void (*) (void *)) SHA1Init, SHA1Update_int,
212 (void (*) (u_int8_t *, void *)) SHA1Final
213 };
214
215 struct auth_hash auth_hash_hmac_ripemd_160_96 = {
216 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
217 20, 20, 12, sizeof(RMD160_CTX),
218 (void (*)(void *)) RMD160Init, RMD160Update_int,
219 (void (*)(u_int8_t *, void *)) RMD160Final
220 };
221
222 struct auth_hash auth_hash_hmac_sha2_256_96 = {
223 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
224 32, 32, 12, sizeof(SHA256_CTX),
225 (void (*)(void *)) SHA256_Init, SHA256_Update_int,
226 (void (*)(u_int8_t *, void *)) SHA256_Final
227 };
228
229 struct auth_hash auth_hash_hmac_sha2_384_96 = {
230 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
231 48, 48, 12, sizeof(SHA384_CTX),
232 (void (*)(void *)) SHA384_Init, SHA384_Update_int,
233 (void (*)(u_int8_t *, void *)) SHA384_Final
234 };
235
236 struct auth_hash auth_hash_hmac_sha2_512_96 = {
237 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
238 64, 64, 12, sizeof(SHA512_CTX),
239 (void (*)(void *)) SHA512_Init, SHA512_Update_int,
240 (void (*)(u_int8_t *, void *)) SHA512_Final
241 };
242
243 struct auth_hash auth_hash_key_md5 = {
244 CRYPTO_MD5_KPDK, "Keyed MD5",
245 0, 16, 16, sizeof(MD5_CTX),
246 (void (*)(void *)) MD5Init, MD5Update_int,
247 (void (*)(u_int8_t *, void *)) MD5Final
248 };
249
250 struct auth_hash auth_hash_key_sha1 = {
251 CRYPTO_SHA1_KPDK, "Keyed SHA1",
252 0, 20, 20, sizeof(SHA1_CTX),
253 (void (*)(void *)) SHA1Init, SHA1Update_int,
254 (void (*)(u_int8_t *, void *)) SHA1Final
255 };
256
257 struct auth_hash auth_hash_md5 = {
258 CRYPTO_MD5, "MD5",
259 0, 16, 16, sizeof(MD5_CTX),
260 (void (*) (void *)) MD5Init, MD5Update_int,
261 (void (*) (u_int8_t *, void *)) MD5Final
262 };
263
264 struct auth_hash auth_hash_sha1 = {
265 CRYPTO_SHA1, "SHA1",
266 0, 20, 20, sizeof(SHA1_CTX),
267 (void (*)(void *)) SHA1Init, SHA1Update_int,
268 (void (*)(u_int8_t *, void *)) SHA1Final
269 };
270
271
272 struct comp_algo comp_algo_deflate = {
273 CRYPTO_DEFLATE_COMP, "Deflate",
274 90, deflate_compress,
275 deflate_decompress
276 };
277
278 struct comp_algo comp_algo_lzs = {
279 CRYPTO_LZS_COMP, "LZS",
280 90, lzs_dummy,
281 lzs_dummy
282 };
283
284
285
286
287 void
288 des1_encrypt(caddr_t key, u_int8_t *blk)
289 {
290 des_ecb_encrypt(blk, blk, key, 1);
291 }
292
293 void
294 des1_decrypt(caddr_t key, u_int8_t *blk)
295 {
296 des_ecb_encrypt(blk, blk, key, 0);
297 }
298
299 int
300 des1_setkey(u_int8_t **sched, u_int8_t *key, int len)
301 {
302 MALLOC(*sched, u_int8_t *, 128, M_CRYPTO_DATA, M_WAITOK);
303 bzero(*sched, 128);
304
305 if (des_set_key(key, *sched) < 0) {
306 des1_zerokey(sched);
307 return -1;
308 }
309
310 return 0;
311 }
312
313 void
314 des1_zerokey(u_int8_t **sched)
315 {
316 bzero(*sched, 128);
317 FREE(*sched, M_CRYPTO_DATA);
318 *sched = NULL;
319 }
320
321 void
322 des3_encrypt(caddr_t key, u_int8_t *blk)
323 {
324 des_ecb3_encrypt(blk, blk, key, key + 128, key + 256, 1);
325 }
326
327 void
328 des3_decrypt(caddr_t key, u_int8_t *blk)
329 {
330 des_ecb3_encrypt(blk, blk, key + 256, key + 128, key, 0);
331 }
332
333 int
334 des3_setkey(u_int8_t **sched, u_int8_t *key, int len)
335 {
336 MALLOC(*sched, u_int8_t *, 384, M_CRYPTO_DATA, M_WAITOK);
337 bzero(*sched, 384);
338
339 if (des_set_key(key, *sched) < 0 || des_set_key(key + 8, *sched + 128)
340 < 0 || des_set_key(key + 16, *sched + 256) < 0) {
341 des3_zerokey(sched);
342 return -1;
343 }
344
345 return 0;
346 }
347
348 void
349 des3_zerokey(u_int8_t **sched)
350 {
351 bzero(*sched, 384);
352 FREE(*sched, M_CRYPTO_DATA);
353 *sched = NULL;
354 }
355
356 void
357 blf_encrypt(caddr_t key, u_int8_t *blk)
358 {
359 blf_ecb_encrypt((blf_ctx *) key, blk, 8);
360 }
361
362 void
363 blf_decrypt(caddr_t key, u_int8_t *blk)
364 {
365 blf_ecb_decrypt((blf_ctx *) key, blk, 8);
366 }
367
368 int
369 blf_setkey(u_int8_t **sched, u_int8_t *key, int len)
370 {
371 MALLOC(*sched, u_int8_t *, sizeof(blf_ctx), M_CRYPTO_DATA, M_WAITOK);
372 bzero(*sched, sizeof(blf_ctx));
373 blf_key((blf_ctx *)*sched, key, len);
374
375 return 0;
376 }
377
378 void
379 blf_zerokey(u_int8_t **sched)
380 {
381 bzero(*sched, sizeof(blf_ctx));
382 FREE(*sched, M_CRYPTO_DATA);
383 *sched = NULL;
384 }
385
386 int
387 null_setkey(u_int8_t **sched, u_int8_t *key, int len)
388 {
389 return 0;
390 }
391
392 void
393 null_zerokey(u_int8_t **sched)
394 {
395 }
396
397 void
398 null_encrypt(caddr_t key, u_int8_t *blk)
399 {
400 }
401
402 void
403 null_decrypt(caddr_t key, u_int8_t *blk)
404 {
405 }
406
407 void
408 cast5_encrypt(caddr_t key, u_int8_t *blk)
409 {
410 cast_encrypt((cast_key *) key, blk, blk);
411 }
412
413 void
414 cast5_decrypt(caddr_t key, u_int8_t *blk)
415 {
416 cast_decrypt((cast_key *) key, blk, blk);
417 }
418
419 int
420 cast5_setkey(u_int8_t **sched, u_int8_t *key, int len)
421 {
422 MALLOC(*sched, u_int8_t *, sizeof(cast_key), M_CRYPTO_DATA, M_WAITOK);
423 bzero(*sched, sizeof(cast_key));
424 cast_setkey((cast_key *)*sched, key, len);
425
426 return 0;
427 }
428
429 void
430 cast5_zerokey(u_int8_t **sched)
431 {
432 bzero(*sched, sizeof(cast_key));
433 FREE(*sched, M_CRYPTO_DATA);
434 *sched = NULL;
435 }
436
437 void
438 skipjack_encrypt(caddr_t key, u_int8_t *blk)
439 {
440 skipjack_forwards(blk, blk, (u_int8_t **) key);
441 }
442
443 void
444 skipjack_decrypt(caddr_t key, u_int8_t *blk)
445 {
446 skipjack_backwards(blk, blk, (u_int8_t **) key);
447 }
448
449 int
450 skipjack_setkey(u_int8_t **sched, u_int8_t *key, int len)
451 {
452 MALLOC(*sched, u_int8_t *, 10 * sizeof(u_int8_t *), M_CRYPTO_DATA,
453 M_WAITOK);
454 bzero(*sched, 10 * sizeof(u_int8_t *));
455 subkey_table_gen(key, (u_int8_t **) *sched);
456
457 return 0;
458 }
459
460 void
461 skipjack_zerokey(u_int8_t **sched)
462 {
463 int k;
464
465 for (k = 0; k < 10; k++) {
466 if (((u_int8_t **)(*sched))[k]) {
467 bzero(((u_int8_t **)(*sched))[k], 0x100);
468 FREE(((u_int8_t **)(*sched))[k], M_CRYPTO_DATA);
469 }
470 }
471 bzero(*sched, 10 * sizeof(u_int8_t *));
472 FREE(*sched, M_CRYPTO_DATA);
473 *sched = NULL;
474 }
475
476 void
477 rijndael128_encrypt(caddr_t key, u_int8_t *blk)
478 {
479 rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk);
480 }
481
482 void
483 rijndael128_decrypt(caddr_t key, u_int8_t *blk)
484 {
485 rijndael_decrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk);
486 }
487
488 int
489 rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len)
490 {
491 MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA,
492 M_WAITOK);
493 bzero(*sched, sizeof(rijndael_ctx));
494
495 if (rijndael_set_key((rijndael_ctx *)*sched, (u_char *)key, len * 8)
496 < 0) {
497 rijndael128_zerokey(sched);
498 return -1;
499 }
500
501 return 0;
502 }
503
504 void
505 rijndael128_zerokey(u_int8_t **sched)
506 {
507 bzero(*sched, sizeof(rijndael_ctx));
508 FREE(*sched, M_CRYPTO_DATA);
509 *sched = NULL;
510 }
511
512 #define AESCTR_NONCESIZE 4
513 #define AESCTR_IVSIZE 8
514 #define AESCTR_BLOCKSIZE 16
515
516 struct aes_ctr_ctx {
517 u_int32_t ac_ek[4*(AES_MAXROUNDS + 1)];
518 u_int8_t ac_block[AESCTR_BLOCKSIZE];
519 int ac_nr;
520 };
521
522 void
523 aes_ctr_reinit(caddr_t key, u_int8_t *iv)
524 {
525 struct aes_ctr_ctx *ctx;
526
527 ctx = (struct aes_ctr_ctx *)key;
528 bcopy(iv, ctx->ac_block + AESCTR_NONCESIZE, AESCTR_IVSIZE);
529
530
531 bzero(ctx->ac_block + AESCTR_NONCESIZE + AESCTR_IVSIZE, 4);
532 }
533
534 void
535 aes_ctr_crypt(caddr_t key, u_int8_t *data)
536 {
537 struct aes_ctr_ctx *ctx;
538 u_int8_t keystream[AESCTR_BLOCKSIZE];
539 int i;
540
541 ctx = (struct aes_ctr_ctx *)key;
542
543 for (i = AESCTR_BLOCKSIZE - 1;
544 i >= AESCTR_NONCESIZE + AESCTR_IVSIZE; i--)
545 if (++ctx->ac_block[i])
546 break;
547 rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream);
548 for (i = 0; i < AESCTR_BLOCKSIZE; i++)
549 data[i] ^= keystream[i];
550 }
551
552 int
553 aes_ctr_setkey(u_int8_t **sched, u_int8_t *key, int len)
554 {
555 struct aes_ctr_ctx *ctx;
556
557 if (len < AESCTR_NONCESIZE)
558 return -1;
559
560 MALLOC(*sched, u_int8_t *, sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA,
561 M_WAITOK);
562 bzero(*sched, sizeof(struct aes_ctr_ctx));
563 ctx = (struct aes_ctr_ctx *)*sched;
564 ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key,
565 (len - AESCTR_NONCESIZE) * 8);
566 if (ctx->ac_nr == 0) {
567 aes_ctr_zerokey(sched);
568 return -1;
569 }
570 bcopy(key + len - AESCTR_NONCESIZE, ctx->ac_block, AESCTR_NONCESIZE);
571 return 0;
572 }
573
574 void
575 aes_ctr_zerokey(u_int8_t **sched)
576 {
577 bzero(*sched, sizeof(struct aes_ctr_ctx));
578 FREE(*sched, M_CRYPTO_DATA);
579 *sched = NULL;
580 }
581
582
583
584
585
586 int
587 RMD160Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
588 {
589 RMD160Update(ctx, buf, len);
590 return 0;
591 }
592
593 int
594 MD5Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
595 {
596 MD5Update(ctx, buf, len);
597 return 0;
598 }
599
600 int
601 SHA1Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
602 {
603 SHA1Update(ctx, buf, len);
604 return 0;
605 }
606
607 int
608 SHA256_Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
609 {
610 SHA256_Update(ctx, buf, len);
611 return 0;
612 }
613
614 int
615 SHA384_Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
616 {
617 SHA384_Update(ctx, buf, len);
618 return 0;
619 }
620
621 int
622 SHA512_Update_int(void *ctx, u_int8_t *buf, u_int16_t len)
623 {
624 SHA512_Update(ctx, buf, len);
625 return 0;
626 }
627
628
629
630
631
632 u_int32_t
633 deflate_compress(u_int8_t *data, u_int32_t size, u_int8_t **out)
634 {
635 return deflate_global(data, size, 0, out);
636 }
637
638 u_int32_t
639 deflate_decompress(u_int8_t *data, u_int32_t size, u_int8_t **out)
640 {
641 return deflate_global(data, size, 1, out);
642 }
643
644 u_int32_t
645 lzs_dummy(u_int8_t *data, u_int32_t size, u_int8_t **out)
646 {
647 *out = NULL;
648 return (0);
649 }